#!/bin/sh
######################################################################
# Prune undesired systemd.debug entries in kernels that are not
# marked for debugging. See Red Hat bugzilla 1285601.
######################################################################
# Pin the command search path so that the external tools this script
# runs (date, grubby, grep, sed, cp, realpath, id, uname, mkdir) are
# looked up only in the system directories, whatever PATH the caller had.
PATH=/usr/bin:/usr/sbin
# Seconds since the epoch, taken once at start-up; used as the suffix of
# the bootloader configuration backup file name.
EPOCH_DATE=$(date +%s)
# display_event appends every event to this file.
LOG_DIR=/var/log
LOG_FILE=${LOG_DIR}/grubby_prune_debug
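# Append one event line to ${LOG_FILE}, formatted as
#   [<seconds since epoch>] <label, left-justified to 12 columns>: <data>
# Arguments: $1 - short event label (e.g. "Start", "Found", "Error")
#            $2 - free-text event data
# Globals:   LOG_FILE (read). EVENT_LABEL, EVENT_DATA, JUSTIFIED_LABEL and
#            LOG_TIMESTAMP are assigned as a side effect; they are not
#            function-local.
# Outputs:   the line goes to the log file only, never to stdout, so the
#            function can be called from code whose stdout is captured.
display_event()
{
    EVENT_LABEL="$1"
    EVENT_DATA="$2"
    JUSTIFIED_LABEL=$(printf "%-12s" "${EVENT_LABEL}")
    LOG_TIMESTAMP=$(date +"%s")
    # printf with a fixed format writes the data verbatim. echo can
    # interpret backslash sequences in some sh implementations, and the
    # data logged here includes boot entry titles read from the system.
    printf '[%s] %s: %s\n' "${LOG_TIMESTAMP}" "${JUSTIFIED_LABEL}" "${EVENT_DATA}" >> "${LOG_FILE}"
}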
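# Log the "Exit" event and terminate the script.
# Arguments: $1 - exit status; 0 is used when it is omitted or empty.
# Every call visible in this script passes 0, including the error paths,
# so the exit status does not tell success from failure: the log file is
# the only record of what went wrong.
exit_event()
{
    display_event "Exit" "Exiting script"
    # Quoted so the status is always passed to exit as a single word.
    exit "${1:-0}"
}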
# Print the index of the first boot entry whose title equals $1.
# Arguments: $1 - exact entry title to look for
# Outputs:   the matching index on stdout, or nothing when no entry
#            matches. The search itself is recorded via display_event.
# Globals:   SEARCH_TITLE, CURRENT_TITLE and current_index are assigned
#            (not function-local); callers in this script run the function
#            inside $(...).
find_entry_by_title()
{
    SEARCH_TITLE=$1
    display_event "Examine" "Searching for entry title - ${SEARCH_TITLE}"
    # Walk every index grubby reports and query each entry's title.
    for current_index in $(grubby --info=ALL | sed -n 's/^index=//p'); do
        CURRENT_TITLE=$(grubby --info="${current_index}" 2> /dev/null | sed -n 's/^title=//p')
        # An entry that yields no title cannot match; skip it.
        if [ -z "${CURRENT_TITLE}" ]; then
            continue
        fi
        if [ "${CURRENT_TITLE}" = "${SEARCH_TITLE}" ]; then
            # First match wins.
            printf '%s\n' "${current_index}"
            break
        fi
    done
}
# Make sure the log directory exists before the first event is written.
if [ ! -d "${LOG_DIR}" ]; then
    mkdir -p -m 0755 "${LOG_DIR}"
fi
display_event "Start" "Begin search for extraneous debug arguments"
# Only root may go on to touch the bootloader configuration. The
# directory creation and the "Start" event above run before this check,
# so a non-root invocation has already attempted to write under
# ${LOG_DIR} by the time it is turned away. The script still exits 0.
if [ "$(id -u)" -ne 0 ]; then
    display_event "Error" "This script may only run as root."
    exit_event 0
fi
######################################################################
# Back up the grub.cfg for sanity
######################################################################
# Select the first bootloader configuration that exists, resolve it with
# realpath, and name the backup <resolved path>.<start-up epoch>.rpmsave.
# Only the first existing candidate is considered, even if realpath
# returns nothing for it.
BOOTLOADER_CFG=
BOOTLOADER_CFG_BK=
for cfg_candidate in /etc/grub2.cfg /etc/grub2-efi.cfg /etc/zipl.conf /etc/yaboot.conf; do
    if [ -f "${cfg_candidate}" ]; then
        BOOTLOADER_CFG=$(realpath "${cfg_candidate}")
        BOOTLOADER_CFG_BK="${BOOTLOADER_CFG}.${EPOCH_DATE}.rpmsave"
        break
    fi
done
unset cfg_candidate

# Nothing to back up (no candidate found, or realpath gave no result):
# log it and stop without touching any boot entry.
if [ -z "${BOOTLOADER_CFG}" ]; then
    display_event "Error" "Could not find a bootloader configuration to back up"
    exit_event 0
fi

if [ -f "${BOOTLOADER_CFG}" ]; then
    # cp -a keeps the mode, ownership and timestamps of the original on
    # the backup copy. Its stderr is discarded, so the log line below is
    # the only trace of a failed copy. A failed backup stops the script
    # before any entry is modified.
    if ! cp -a "${BOOTLOADER_CFG}" "${BOOTLOADER_CFG_BK}" 2> /dev/null; then
        display_event "Error" "Could not write ${BOOTLOADER_CFG_BK}"
        exit_event 0
    fi
    display_event "Copied" \
        "Current configuration backed up to ${BOOTLOADER_CFG_BK}"
fi
######################################################################
# Figure out what the debugging tag will look like
######################################################################
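# DEBUGGING_TAG is the title suffix that marks a debugging boot entry.
# On s390 and s390x it is written with underscores; everywhere else it is
# " with debugging" (note the leading space).
ARCH=$(uname -m)
# case compares the quoted value as one word, so an empty or unusual
# uname result simply falls through to the default instead of producing
# a malformed test expression.
case "${ARCH}" in
    s390|s390x)
        DEBUGGING_TAG="_with_debugging"
        ;;
    *)
        DEBUGGING_TAG=" with debugging"
        ;;
esac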
######################################################################
# Remove the systemd.debug kernel arguments from standard non-debug
# kernel entries only
######################################################################
display_event "Examine" "Searching for distribution provided debugging entries"
# For every entry whose title ends in the debugging tag, find the entry
# with the same title minus the tag and strip the systemd debug
# arguments from that non-debugging entry. The debugging entry itself is
# left as it is.
for entry_index in $(grubby --info=ALL | sed -n 's/^index=//p'); do
    INDEX_TITLE=$(grubby --info="${entry_index}" 2> /dev/null | sed -n 's/^title=//p')
    # Entries that yield no title are ignored.
    if [ -z "${INDEX_TITLE}" ]; then
        continue
    fi
    # Only titles that end in the debugging tag are of interest.
    if ! printf '%s\n' "${INDEX_TITLE}" | grep -q "${DEBUGGING_TAG}$"; then
        continue
    fi
    display_event "Found" "Found distribution provided debugging entry - ${INDEX_TITLE}"

    # Derive the plain title by cutting the tag off the end.
    NON_DEBUG_TITLE=$(printf '%s\n' "${INDEX_TITLE}" | sed "s/${DEBUGGING_TAG}$//")
    NON_DEBUG_INDEX=$(find_entry_by_title "${NON_DEBUG_TITLE}")
    if [ -z "${NON_DEBUG_INDEX}" ]; then
        display_event "Error" "Could not find the matching non-debugging entry - ${NON_DEBUG_TITLE}"
        continue
    fi
    display_event "Found" "Found matching non-debugging entry - ${NON_DEBUG_TITLE}"

    KERNEL_ARGS=$(grubby --info="${NON_DEBUG_INDEX}" 2> /dev/null | grep "^args=")
    # The dots in this pattern are regex wildcards, so the check is a
    # little broader than the three literal argument names; the
    # --remove-args call below is given the exact names.
    if ! printf '%s\n' "${KERNEL_ARGS}" | grep -E -q 'systemd.debug|systemd.log_level=debug|systemd.log_target=kmsg'; then
        display_event "Skip" "No debugging arguments to remove for ${NON_DEBUG_TITLE}"
        continue
    fi

    # A grubby failure is logged and the loop moves on to the next entry.
    if grubby --update-kernel="${NON_DEBUG_INDEX}" --remove-args="systemd.debug systemd.log_level=debug systemd.log_target=kmsg"; then
        display_event "Update" "Removed debugging arguments for ${NON_DEBUG_TITLE}"
    else
        display_event "Error" "grubby failed to remove debug argument from ${NON_DEBUG_TITLE}"
    fi
done
######################################################################
# The default entry should not have debugging statements
######################################################################
# /etc/sysconfig/kernel is where ALLOW_DEBUGGING_DEFAULT comes from.
# Sourcing runs the whole file as shell code inside this script, which
# by this point is running as root, so the file is trusted exactly as
# far as its ownership and permissions restrict who can edit it.
if [ -f /etc/sysconfig/kernel ]; then
    . /etc/sysconfig/kernel
fi

CURRENT_DEFAULT_INDEX=$(grubby --default-index)
CURRENT_TITLE=$(grubby --info="${CURRENT_DEFAULT_INDEX}" 2> /dev/null | sed -n 's/^title=//p')

# Act only when the current default entry is a debugging entry.
if printf '%s\n' "${CURRENT_TITLE}" | grep -q "${DEBUGGING_TAG}$"; then
    # An explicit yes/true/1 (letters in any case) keeps the debugging
    # default and ends the script here.
    case "${ALLOW_DEBUGGING_DEFAULT}" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|1)
            display_event "Examine" "Detected user preference to allow debugging default entries if present"
            exit_event 0
            ;;
    esac

    display_event "Examine" "Search for entry without debugging to replace default entry - ${CURRENT_TITLE}"
    # Drop any values left over from the per-entry loop.
    unset NON_DEBUG_INDEX
    unset NON_DEBUG_TITLE
    # ARCH is read again here although nothing below uses it.
    ARCH=$(uname -m)
    NON_DEBUG_TITLE=$(printf '%s\n' "${CURRENT_TITLE}" | sed "s/${DEBUGGING_TAG}$//")
    NON_DEBUG_INDEX=$(find_entry_by_title "${NON_DEBUG_TITLE}")

    if [ -z "${NON_DEBUG_INDEX}" ]; then
        display_event "Error" "Could not find the matching non-debugging entry"
    elif grubby --set-default-index="${NON_DEBUG_INDEX}"; then
        display_event "Update" "Selected ${NON_DEBUG_TITLE} as the new default entry"
    else
        display_event "Error" "Could not set ${NON_DEBUG_TITLE} as default"
    fi
fi
# The script ends with status 0 whatever happened above.
exit_event 0